DNS noise

• Previous message (by thread): DNS noise
• Next message (by thread): DNS noise
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Apr 6, 2012 at 12:52 PM, PC <paul4004 at gmail.com> wrote:
> Of course you'd have to actually be running a poorly configured DNS server
> on that IP for this to work...

Right....  was that IP ever running a DNS service?

Picking random IPs to spoof and hope some of the random IPs happen to
be DNS servers
doesn't sound like a very "efficient" attack.    It seems like the
attacker would want to
'probe first'   before selecting innocent servers to reflect at

Perhaps 2 or 3%  of  the  possible random IPs on the internet actually
run DNS servers
that could possibly respond to spoofed queries?

--
-JH

• Previous message (by thread): DNS noise
• Next message (by thread): DNS noise
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]